Social Engineering : A study in awareness and measures

Sammanfattning: In our technology-based society, there has been a clear focus on technical weaknesses to information security. This study will present another danger that is just as important to be aware of and is just as lethal, Social Engineering. This is an attack against the human element of security. This study covers a basic description of social engineering as well as a more thorough description of how the specific attacks are being performed. It also gives a short description on the factors that can make humans susceptible to manipulation and the possible impact that social engineering might have on an organisation. A research model is created using previous research. The study aims to determine Swedish production companies' perception of social engineering and investigate what measures are being taken to prevent it. This is done through three qualitative interviews with IT professionals from Swedish production companies. Through our research, we have established that Swedish production companies have a good perception of social engineering and that the measures they take to protect themselves are in accordance with best practices. However, the companies put different emphasis on different measures and their view on social engineering’s potential impact differed.